Alternate fix for ../test/recipes/80-test_ssl_old.t with no-ec

Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4981)

Alternate fix for ../test/recipes/80-test_ssl_old.t with no-ec
Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4981)
8175af50 · Bernd Edlinger · 8af7e94d · 8175af50 · 8175af50 · 8175af50
隐藏空白更改
内联并排

Showing with 3 addition and 47 deletion

ssl/s3_lib.c ssl/s3_lib.c +0 -34

ssl/ssl_ciph.c ssl/ssl_ciph.c +1 -1

test/recipes/80-test_ssl_old.t test/recipes/80-test_ssl_old.t +2 -12

未找到文件。
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -940,8 +940,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
     128,
     128,
     },
-
-#ifndef OPENSSL_NO_EC
    {
     1,
     TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
@@ -1268,9 +1266,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
     256,
     256,
     },
-#endif                          /* OPENSSL_NO_EC */
-
-#ifndef OPENSSL_NO_PSK
    {
     1,
     TLS1_TXT_PSK_WITH_NULL_SHA,
@@ -1757,7 +1752,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
     0,
     0,
     },
-# ifndef OPENSSL_NO_EC
 #  ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
    {
     1,
@@ -1888,10 +1882,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
     0,
     0,
     },
-# endif                         /* OPENSSL_NO_EC */
-#endif                          /* OPENSSL_NO_PSK */

-#ifndef OPENSSL_NO_SRP
 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
    {
     1,
@@ -2038,10 +2029,8 @@ static SSL_CIPHER ssl3_ciphers[] = {
     256,
     256,
     },
-#endif                          /* OPENSSL_NO_SRP */

 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
-# ifndef OPENSSL_NO_RSA
    {
     1,
     TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
@@ -2058,9 +2047,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
     256,
     256,
     },
-# endif                         /* OPENSSL_NO_RSA */
-
-# ifndef OPENSSL_NO_EC
    {
     1,
     TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
@@ -2093,9 +2079,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
     256,
     256,
     },
-# endif                         /* OPENSSL_NO_EC */
-
-# ifndef OPENSSL_NO_PSK
    {
     1,
     TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
@@ -2160,7 +2143,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
     256,
     256,
     },
-# endif                         /* OPENSSL_NO_PSK */
 #endif                          /* !defined(OPENSSL_NO_CHACHA) &&
                                 * !defined(OPENSSL_NO_POLY1305) */

@@ -2421,8 +2403,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
     128,
     128,
     },
-
-# ifndef OPENSSL_NO_EC
    {
     1,
     TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
@@ -2487,9 +2467,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
     256,
     256,
     },
-# endif                         /* OPENSSL_NO_EC */
-
-# ifndef OPENSSL_NO_PSK
    {
     1,
     TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
@@ -2618,8 +2595,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
     256,
     256,
     },
-# endif                         /* OPENSSL_NO_PSK */
-
 #endif                          /* OPENSSL_NO_CAMELLIA */

 #ifndef OPENSSL_NO_GOST
@@ -2824,8 +2799,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
     128,
     128,
     },
-
-# ifndef OPENSSL_NO_EC
    {
     1,
     TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
@@ -2890,9 +2863,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
     128,
     128,
     },
-# endif                         /* OPENSSL_NO_EC */
-
-# ifndef OPENSSL_NO_PSK
    {
     1,
     TLS1_TXT_PSK_WITH_RC4_128_SHA,
@@ -2941,8 +2911,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
     128,
     128,
     },
-# endif                         /* OPENSSL_NO_PSK */
-
 #endif                          /* OPENSSL_NO_WEAK_SSL_CIPHERS */

 #ifndef OPENSSL_NO_ARIA
@@ -3074,7 +3042,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
     256,
     256,
     },
-
    {
     1,
     TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
@@ -3171,7 +3138,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
     256,
     256,
     },
-
    {
     1,
     TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256,

--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -401,7 +401,7 @@ int ssl_load_ciphers(void)
    disabled_mkey_mask |= SSL_kDHE | SSL_kDHEPSK;
 #endif
 #ifdef OPENSSL_NO_EC
-    disabled_mkey_mask |= SSL_kECDHEPSK;
+    disabled_mkey_mask |= SSL_kECDHE | SSL_kECDHEPSK;
    disabled_auth_mask |= SSL_aECDSA;
 #endif
 #ifdef OPENSSL_NO_PSK

--- a/test/recipes/80-test_ssl_old.t
+++ b/test/recipes/80-test_ssl_old.t
@@ -398,21 +398,11 @@ sub testssl {
        my @exkeys = ();
        my $ciphers = "-EXP:-PSK:-SRP:-kDH:-kECDHe";

-        if ($no_dh) {
-            note "skipping DHE tests\n";
-            $ciphers .= ":-kDHE";
-        }
-        if ($no_dsa) {
-            note "skipping DSA tests\n";
-            $ciphers .= ":-aDSA";
-        } else {
+        if (!$no_dsa) {
            push @exkeys, "-s_cert", "certD.ss", "-s_key", "keyD.ss";
        }

-        if ($no_ec) {
-            note "skipping EC tests\n";
-            $ciphers .= ":!aECDSA:!kECDH";
-        } else {
+        if (!$no_ec) {
            push @exkeys, "-s_cert", "certE.ss", "-s_key", "keyE.ss";
        }